const User = require('../models/User')
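/**
 * Express-style middleware that lets only administrators through.
 *
 * Reads the caller's id from `req._id` (presumably set by an earlier
 * authentication step that is not part of this file), loads the matching
 * user and calls `next()` only when that user's `roles` contains 'admin'.
 * Every other outcome fails closed:
 *   - no `req._id`, or no user found for it -> 401
 *   - user without the admin role           -> 403
 *   - lookup failure                        -> forwarded through `next(err)`
 *
 * @param {object} req - request object; `req._id` is the caller's user id
 * @param {object} res - response object; `res.error(status, message)` is
 *   assumed to be a helper attached elsewhere in the project
 * @param {Function} next - continuation callback
 * @returns {Promise<void>}
 */
module.exports = async (req, res, next) => {
  if (!req._id) {
    res.error(401, '请先登录')
    return
  }

  let user
  try {
    user = await User.findById(req._id)
  } catch (err) {
    // A rejection inside async middleware is not guaranteed to reach the
    // framework's error handler; hand it over explicitly so the request
    // neither hangs nor surfaces as an unhandled rejection.
    next(err)
    return
  }

  // The id can outlive the account (deleted user, stale session). Treat a
  // missing record as "not logged in" instead of dereferencing null.
  if (!user) {
    res.error(401, '请先登录')
    return
  }

  // Deliberately no logging of `user` here: the full record may carry
  // credential material or personal data that must not end up in logs.

  // Deny unless `roles` is an actual array containing the exact role name;
  // a missing or malformed field must never grant admin access.
  const isAdmin = Array.isArray(user.roles) && user.roles.includes('admin')
  if (!isAdmin) {
    res.error(403, '你没有权限访问')
    return
  }

  next()
}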
